Apple macOS Monterey 12.3-CVE-2022-22616
NAME Apple - Multiple Platforms Affected:MultipleRisk Level:highCVE Type:Unspecified DESCRIPTION CVE-2022-22616 is an unspecified vulnerability impacting Apple macOS Monterey versions 12.2.1...
Year: 2022
Linux Kernel security update-CVE-2022-28796
NAME Linux Kernel Organization - Linux Kernel Platforms Affected:Linux KernelRisk Level:lowCVE Type:Use after free DESCRIPTION CVE-2022-28796 is a use after...
Mozilla Firefox code execution | CVE-2022-29918
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 99Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow a remote attacker to...
Mozilla Firefox code execution | CVE-2022-29917
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 99 Mozilla Firefox ESR 91.8Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow...
Multiple TRUMPF TruTops products security bypass | CVE-2022-1300
NAME Multiple TRUMPF TruTops products security bypass Platforms Affected:TRUMPF TruTops Boost 13.05 TRUMPF TruTops Boost 13.08.21 TRUMPF TruTops Fab 22.05...
OpenSSL command execution | CVE-2022-1292
NAME OpenSSL command execution Platforms Affected:OpenSSL OpenSSL 1.0.2 OpenSSL OpenSSL 1.1.1 OpenSSL OpenSSL 3.0.0 OpenSSL OpenSSL 3.0.1 OpenSSL OpenSSL 3.0.2...
Conti Ransomware Victim: https-www-eypae-co
continews NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
China-linked APT Curious Gorge targeted Russian govt agencies
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG)...
LeakedHandlesFinder – Leaked Windows Processes Handles Identification Tool
Leaked Presented at rootedcon 2022 https://www.rootedcon.com/ponentes-rooted2022/. Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf Download LeakedHandlesFinder If you like the site,...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
US-CERT Bulletin (SB22-122):Vulnerability Summary for the Week of April 25, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
HackerOne Bug Bounty Disclosure: blind-xss-via-feedback-form-byb3hlull
Programme HackerOne Judge.me Judge.me Submitted by b3hlull b3hlull Report Blind XSS via Feedback form. Full Report
HackerOne Bug Bounty Disclosure: self-dos-due-to-template-injection-via-email-field-in-password-reset-form-on-access-acronis-combysudo_bash
Programme HackerOne Acronis Acronis Submitted by sudo_bash sudo_bash Report Self-DoS due to template injection via email field in password reset...
BugCrowd Bug Bounty Disclosure: P4 – No Rate Limiting on resend email option when signing up for an account – By CyberKey
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
State-backed hacking group from China is targeting the Russian military
In an unexpected turn of events, research has surfaced about a Chinese APT (advanced persistent threat) group targeting the Russian...
A DNS flaw impacts a library used by millions of IoT devices
A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of...
Craft fair vendors targeted by fake event scammers on Facebook
A real world scam which sucks the fun out of craft fairs has caused nothing but stress for victims. It...
US healthcare billing services group hacked, affecting at least half a million individuals
According to the US Department of Health and Human Services, Adaptive Health Integrations (AHI), a healthcare software and billing services...
Airdrop phishing: what is it, and how is my cryptocurrency at risk?
Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3/NFT/cryptocurrency popularity, and ensures...
Over 50 countries sign the “Declaration for the Future of the Internet”
Governments of the US, EU member states, and 32 other countries have announced the launch of the “Declaration for the...
FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and FirmWire...
China-linked Moshen Dragon abuses security software to sideload malware
A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A...
BugCrowd Bug Bounty Disclosure: P3 – XSS reflected – https://www.indeed.com/hire/employer-confirmation [co, hl] – By CGuillaume
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
